Magento Forums
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SUPEE-6788_CE_1.7.0.2 - Broke block to show last products on home page

SOLVED
Go to solution
‎10-27-2015 01:57 PM
‎10-27-2015 01:57 PM

SUPEE-6788_CE_1.7.0.2 - Broke block to show last products on home page

Hi,

 

Since I applied the 6788 patch on a CE 1.7.0.2 installation, a block doesn't show up with last products on home page.

The block contains this line:

 {{block type="catalog/product_list" category_id="3" num_products="4" template="catalog/random.phtml"}}

If I remove that particular line, it shows up again on the home page.

 

So what to do in order to maintain the display of last products if I can't use this line?


Thx.

0 Kudos
2 ACCEPTED SOLUTIONS

Accepted Solutions
‎10-27-2015 02:18 PM
‎10-27-2015 02:18 PM

Re: SUPEE-6788_CE_1.7.0.2 - Broke block to show last products on home page

There is a whitelist that must be maintained for non-standard vars that are added to CMS

APPSEC-1057: search for {{config path= and {{block type= in all PHP files of local and community modules, and filter out all elements from the whitelist.

How to add items to that whitelist has not been explained yet.

 

Hint here => http://magento.stackexchange.com/questions/87466/appsec-1057-how-to-add-variables-or-blocks-to-the-w...

View solution in original post

‎11-04-2015 12:43 PM
‎11-04-2015 12:43 PM

Re: SUPEE-6788_CE_1.7.0.2 - Broke block to show last products on home page

Thx, I managed to have everything working fine by following this procedure:

1) use/follow script as described here: http://magento.stackexchange.com/questions/87466/appsec-1057-how-to-add-variables-or-blocks-to-the-w...

2) update any extension through Magento Connect (so it triggers the script created in 1)

3) use https://github.com/rhoerr/supee-6788-toolbox

View solution in original post

0 Kudos
2 REPLIES 2
‎10-27-2015 02:18 PM
‎10-27-2015 02:18 PM

Re: SUPEE-6788_CE_1.7.0.2 - Broke block to show last products on home page

There is a whitelist that must be maintained for non-standard vars that are added to CMS

APPSEC-1057: search for {{config path= and {{block type= in all PHP files of local and community modules, and filter out all elements from the whitelist.

How to add items to that whitelist has not been explained yet.

 

Hint here => http://magento.stackexchange.com/questions/87466/appsec-1057-how-to-add-variables-or-blocks-to-the-w...

‎11-04-2015 12:43 PM
‎11-04-2015 12:43 PM

Re: SUPEE-6788_CE_1.7.0.2 - Broke block to show last products on home page

Thx, I managed to have everything working fine by following this procedure:

1) use/follow script as described here: http://magento.stackexchange.com/questions/87466/appsec-1057-how-to-add-variables-or-blocks-to-the-w...

2) update any extension through Magento Connect (so it triggers the script created in 1)

3) use https://github.com/rhoerr/supee-6788-toolbox

0 Kudos